Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
SubZer0
Contributor

Blocking port scanners

On my FW I will like to block port scanners. I've attempted the solution outlined in sk110873, but Nmap is still able to extract information about open ports. Do you have any suggestions on effectively blocking port scanners to ensure they cannot gather any information?

I am using R81.10 – gateway and R81.20 for MGMT.

0 Kudos
2 Replies
Lesley
Leader Leader
Leader

This would be a good next step:

https://support.checkpoint.com/results/sk/sk112241

Btw you will never truely block port scans. They can be tweaked that they stay under the 'radar'. 

So you could scan a subnet, but also one host. You can scan small port range, but also big. You can scan 10 ports a second or more.

There are so many factor that you can change that a firewall is not able to know if this is a port scan yes or no. 

-------
If you like this post please give a thumbs up(kudo)! 🙂
0 Kudos
the_rock
Legend
Legend

Thats actually really GOOD question. But, in my mind, and this is just me personally, I cant really see logically how that can be achieved, because you would need to know src/port numbers used in order to do it effectively. 

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events